Tags:
create new tag
, view all tags

Feature Proposals » Forbid certain users to do certain actions by configuration

Summary

Current State: Developer: Reason: Date: Concerns By: Bug Tracking: Proposed For:
MergedToCore HideyoImazu AcceptedByReleaseMeeting 2014-10-16   TWikibug:Item7581 KampalaRelease

Edit Form

TopicSummary:
CurrentState:
CommittedDeveloper:
ReasonForDecision:
DateOfCommitment:   Format: YYYY-MM-DD
ConcernRaisedBy:
BugTracking:
OutstandingIssues:
RelatedTopics:
InterestedParties:
ProposedFor:
TWikiContributors:
 

Motivation

You may have an unruly registered users (e.g. a crawler program) who don't follow the rules.

You may not have control over such a crawler. And the web application container in which TWiki is installed may be managed by somebody else and you don't have tight and quick control.

Description and Documentation

Introduce $TWiki::cfg{ForbidUserAction} having a hash reference. The key of the hash is the internal user name and the value is a comma separated list of script names such as view and edit. The specificied scripts are forbidden for the user with all topics of all webs.

If the list is preceded by !, only the listed scripts are permitted and the other scripts are forbidden for the user.

Examples

$TWiki::cfg{ForbidUserAction} = {
    AggressiveCrawler => 'edit, oops, search',
    TotallyForbidden    => '!nothing',
};

Impact

WhatDoesItAffect: Security

Implementation

-- Contributors: Hideyo Imazu - 2014-10-16

Discussion

Special case, I am OK with this. Could that be done with an Apache Deny rule? Or a configuration on the greedy crawler?

-- Peter Thoeny - 2014-10-16

It can be accomplished by Apache configuration. But the web application container may be managed by a different team from the team owning a web application. In that case forbidding users at the TWiki level is handy.

-- Hideyo Imazu - 2014-10-16

Accepted by release meeting at KampalaReleaseMeeting2014x10x16.

-- Peter Thoeny - 2014-10-17

Edit | Attach | Watch | Print version | History: r8 < r7 < r6 < r5 < r4 | Backlinks | Raw View | Raw edit | More topic actions
Topic revision: r8 - 2014-10-17 - HideyoImazu
 
  • Learn about TWiki  
  • Download TWiki
This site is powered by the TWiki collaboration platform Powered by Perl Hosted by OICcam.com Ideas, requests, problems regarding TWiki? Send feedback. Ask community in the support forum.
Copyright © 1999-2017 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.